package com.amazon.redshift.core;

import com.amazon.redshift.INativePlugin;
import com.amazon.redshift.IPlugin;
import com.amazon.redshift.NativeTokenHolder;
import com.amazon.redshift.RedshiftProperty;
import com.amazon.redshift.jdbc.RedshiftConnectionImpl;
import com.amazon.redshift.logger.LogLevel;
import com.amazon.redshift.logger.RedshiftLogger;
import com.amazon.redshift.util.GT;
import com.amazon.redshift.util.RedshiftException;
import com.amazon.redshift.util.RedshiftState;
import com.amazonaws.util.StringUtils;
import java.util.Date;
import java.util.Map;
import java.util.Properties;

/* loaded from: input_file:com/amazon/redshift/core/NativeAuthPluginHelper.class */
public final class NativeAuthPluginHelper extends IdpAuthHelper {
    private NativeAuthPluginHelper() {
    }

    public static Properties setNativeAuthPluginProperties(Properties properties, RedshiftJDBCSettings redshiftJDBCSettings, RedshiftLogger redshiftLogger) throws RedshiftException {
        try {
            String optionalConnSetting = RedshiftConnectionImpl.getOptionalConnSetting(RedshiftProperty.AUTH_PROFILE.getName(), properties);
            Properties authProperties = setAuthProperties(properties, redshiftJDBCSettings, redshiftLogger);
            String nativeAuthPluginCredentials = getNativeAuthPluginCredentials(redshiftJDBCSettings, redshiftLogger, optionalConnSetting);
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.logInfo("idpToken=" + nativeAuthPluginCredentials, new Object[0]);
            }
            authProperties.put(RedshiftProperty.WEB_IDENTITY_TOKEN.getName(), nativeAuthPluginCredentials);
            return authProperties;
        } catch (RedshiftException e) {
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.logError(e);
            }
            throw e;
        }
    }

    private static String getNativeAuthPluginCredentials(RedshiftJDBCSettings redshiftJDBCSettings, RedshiftLogger redshiftLogger, String str) throws RedshiftException {
        String idpToken;
        if (StringUtils.isNullOrEmpty(redshiftJDBCSettings.m_credentialsProvider)) {
            RedshiftException redshiftException = new RedshiftException(GT.tr("Required credentials provider class parameter is null or empty {0}", redshiftJDBCSettings.m_credentialsProvider), RedshiftState.UNEXPECTED_ERROR);
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.log(LogLevel.ERROR, redshiftException.toString(), new Object[0]);
            }
            throw redshiftException;
        }
        try {
            INativePlugin iNativePlugin = (INativePlugin) Class.forName(redshiftJDBCSettings.m_credentialsProvider).asSubclass(INativePlugin.class).newInstance();
            if (!(iNativePlugin instanceof INativePlugin)) {
                RedshiftException redshiftException2 = new RedshiftException(GT.tr("Invalid credentials provider class {0}", redshiftJDBCSettings.m_credentialsProvider), RedshiftState.UNEXPECTED_ERROR);
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.ERROR, redshiftException2.toString(), new Object[0]);
                }
                throw redshiftException2;
            }
            iNativePlugin.setLogger(redshiftLogger);
            for (Map.Entry<String, String> entry : redshiftJDBCSettings.m_pluginArgs.entrySet()) {
                iNativePlugin.addParameter(entry.getKey(), entry.getValue());
            }
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.log(LogLevel.DEBUG, "IDP Credential Provider {0}:{1}", iNativePlugin, redshiftJDBCSettings.m_credentialsProvider);
            }
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.log(LogLevel.DEBUG, "Calling provider.getCredentials()", new Object[0]);
            }
            redshiftJDBCSettings.m_idpToken = null;
            NativeTokenHolder credentials = iNativePlugin.getCredentials();
            if (credentials == null || (credentials.getExpiration() != null && credentials.getExpiration().before(new Date(System.currentTimeMillis() - 300000)))) {
                IPlugin iPlugin = (IPlugin) iNativePlugin;
                if (RedshiftLogger.isEnable()) {
                    redshiftLogger.log(LogLevel.DEBUG, "Calling plugin.getIdpToken()", new Object[0]);
                }
                idpToken = iPlugin.getIdpToken();
                redshiftJDBCSettings.m_idpToken = idpToken;
            } else {
                idpToken = credentials.getAccessToken();
            }
            return idpToken;
        } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
            RedshiftException redshiftException3 = new RedshiftException(GT.tr("Invalid credentials provider class {0}", redshiftJDBCSettings.m_credentialsProvider), RedshiftState.UNEXPECTED_ERROR, e);
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.log(LogLevel.ERROR, redshiftException3.toString(), new Object[0]);
            }
            throw redshiftException3;
        } catch (NumberFormatException e2) {
            RedshiftException redshiftException4 = new RedshiftException(GT.tr("{0} : {1}", e2.getMessage(), redshiftJDBCSettings.m_credentialsProvider), RedshiftState.UNEXPECTED_ERROR, e2);
            if (RedshiftLogger.isEnable()) {
                redshiftLogger.log(LogLevel.ERROR, redshiftException4.toString(), new Object[0]);
            }
            throw redshiftException4;
        }
    }
}
